This post is less on doing something useful and more on just proving that I can do something even though PowerShell is trying to tell me that I cannot do it. That little thing is updating a property on an object that is set as Read-Only.

My example to show you how you can do something like this is by looking at $PSVersionTable which as we all know gives us some great information about what version of PowerShell that we are using.

I am also using this as this was an example used in our previous user group meeting in which we were shown that the properties here could not be updated.

From this object, I am going to look more at the PSVersion property which of course is an object within this object.

Looking at the properties of this object, we can see that each of the properties are…

Comment from similar post: With previous versions of the RDP protocol, a user was allowed to change their password graphically after signing on. However, NLA has no such provision, at least the way it’s implemented in RDC. So, if you have to change your password you are SOL unless you can get to a console.

Remote Desktop Connection: An authentication error has occurred.
The Local Security Authority cannot be contacted
Remote Computer: hostname or ip

The issue:

Seems to happen more on 2012 server but if you have Network Level Authentication enabled it will not prompt you for a GUI change password option if you have change password at next logon selected. This error could happen for other reasons as well

One of the possible fixes:

uncheck change password at next logon if its selected

use a different tool to change your password at first logon

Additional info can be found at https://blog.mnewton.com/articles/Solution-RDP-The-Local-Security-Authority-cannot-be-contacted/

My old Dell desktop (Dimension C521, AMD Athlon 64 X2 Dual Core 3600+) got hit twice since Saturday and did not recover from the blue screen yet (it was finally fixed 30min ago). It runs Windows 7 and of course, it is “AMD inside”. Some online forum said this is caused by the friendly fire from Microsoft who tried to fix the Spectre and Meltdown which affect Intel chips.

I have left my desktop on automatic-update since its upgrade to Windows 7 and I left it in sleep mode or running state most of the time. Last Saturday morning, I found it stuck at a blue screen, which seemed new to me, because it didn’t show a lot of information like a normal blue screen does.

I was lucky on Saturday. After cycled the power, the try-normal boot didn’t work, so I tried to let it fix by itself and it works. It looked like nothing happened after that and ran without a problem for 3 days.

Last night, I left it run overnight, then in the morning, I saw the blue screen again. I tried to fix it used the same option as last time, several times. It didn’t work. So I did some research and found the following, I may try them after work today.

BTW, I don’t have third-party anti-virus installed on my PC, only have MS Security Essentials and that is up-to-date.

Okay, after some research and thoughts, I started to recover my PC when I got home.

First thing I tried is to let it boot and recover by itself, as expected it failed, the same as this morning. Then, I choose an advanced mode in the same session, and managed to get to a DOS prompt, but when I use the DISM command to remove the package, it gave me error said something about running mode. So I stopped there, went to the basement to find the Windows 7 installation disk.

Next, I use the Windows 7 installation DVD to boot the PC, went into recovery mode, similar interface as last try, I got the DOS prompt, and I ran the same DISM command, this time it had some progress as showing here:

It took a while and at the end, it’s a success.

After reboot, it still tried to finish the last “failed” update and stuck in this screen for quite some time.

Then it let me login, everything seems back to normal, except in the update history I saw this.

The latest pending update was the culprit, it still showed Pending state, but after a few minutes and a pop-up message, the status changed to Failed.

So that’s the adventure lately, and here is the command I ran, copied from one of those online communities.

Some thoughts though, after this. What about many other normal users, homeusers, system admins? Let’s wait and see how Microsoft can fix this for thousands if not millions of AMD-based PCs/servers when they are in bricked mode.

Active Directory Federation Services (AD S) in the Windows Server 2012 R2 OS provides flexibility for organizations that want to enable their users to log on to applications that are located on a local network, at a partner company, or in an online service.

With ADFS, your company can manage its own user accounts, and users only have to remember one set of credentials.

However, those credentials can provide access to a variety of applications, which typically are located in different locations.

ADFS is compliant with common Web services standards, thus enabling interoperability with identity federation solutions that other vendors provide.

AD FS addresses a variety of business scenarios where the typical authentication mechanisms used in an organization do not work.